Commit Graph

411 Commits

Author SHA1 Message Date
Carlton Gibson 402c0caa85 Fixed CVE-2019-6975 -- Fixed memory exhaustion in utils.numberformat.format().
Thanks Sjoerd Job Postmus for the report and initial patch.
Thanks Michael Manfre, Tim Graham, and Florian Apolloner for review.
2019-02-11 11:08:45 +01:00
Sergey Fedoseev 1835563ab8 Removed unneeded list() calls in sorted() argument. 2019-02-09 19:08:22 -05:00
Tim Graham 77d25dbd0f Refs #27753 -- Favored SafeString over SafeText. 2019-02-06 14:12:06 -05:00
Tim Graham d55e882927 Refs #27753 -- Deprecated django.utils.encoding.force_text() and smart_text(). 2019-02-06 14:12:06 -05:00
Aymeric Augustin 3bb6a4390c Refs #27753 -- Favored force/smart_str() over force/smart_text(). 2019-02-06 14:12:06 -05:00
Tim Graham 83c2bc52c2
Refs #27753 -- Deprecated django.utils.http urllib aliases. 2019-02-04 18:53:11 -05:00
Tim Graham 7e6b214ed3 Fixed #30116 -- Dropped support for Python 3.5. 2019-01-30 10:19:48 -05:00
Tom Forbes 1e92407f83 Fixed #25624 -- Fixed autoreload crash with jinja2.ModuleLoader. 2019-01-28 14:17:50 -05:00
Jon Dufresne 7e3bf2662b Removed default mode='r' argument from calls to open(). 2019-01-27 17:41:43 -05:00
Hasan Ramezani 7e978fdc42 Completed test coverage for utils.text._replace_entity(). 2019-01-23 19:33:21 -05:00
Hasan Ramezani 838e432e3e Completed test coverage for utils.text.Truncator.chars(). 2019-01-19 18:45:41 -05:00
Tim Graham 958a7b4ca6 Refs #28965 -- Removed utils.http.cookie_date() per deprecation timeline. 2019-01-17 10:52:19 -05:00
Santiago Basulto 4fc35a9c3e Fixed #20147 -- Added HttpRequest.headers. 2019-01-16 13:38:47 -05:00
Tom Forbes c8720e7696 Fixed #27685 -- Added watchman support to the autoreloader.
Removed support for pyinotify (refs #9722).
2019-01-13 20:33:47 -05:00
Tim Graham 0004daa536
Used 4 space hanging indent for dictionaries.
Thanks Mariusz Felisiak for auditing.
2019-01-02 18:18:19 -05:00
Jon Dufresne 6fe9c45b72 Fixed #30024 -- Made urlencode() and Client raise TypeError when None is passed as data. 2018-12-27 11:19:55 -05:00
Tim Graham 193c109327 Switched TestCase to SimpleTestCase where possible in Django's tests. 2018-11-27 08:58:44 -05:00
Thomas Grainger 0607699902 Fixed #29478 -- Added support for mangled names to cached_property.
Co-Authored-By: Sergey Fedoseev <fedoseev.sergey@gmail.com>
2018-11-19 13:40:49 -05:00
Srinivas Thatiparthy (శ్రీనివాస్ తాటిపర్తి) a7ef4a56e0 Fixed #29920 -- Added a test for smart_urlquote()'s UnicodeError branch. 2018-11-09 12:39:08 -05:00
Hasan Ramezani 6b7f1c2530 Increased test coverage of django.utils.http. 2018-11-03 11:13:28 -04:00
aspalding dc5e75d419 Fixed #29838 -- Fixed crash when combining Q objects with __in lookups and lists.
Regression in fc6528b25a.
2018-10-17 11:34:49 -04:00
aspalding 217f82d713 Refs #29838 -- Fixed make_hashable() for values that have lists or dicts nested in tuples.
And for non-hashable values that are iterable, e.g. sets.
2018-10-17 11:17:50 -04:00
aspalding 834c4ec8e4 Moved make_hashable() to django.utils and added tests. 2018-10-17 11:17:23 -04:00
Hasan Ramezani b5d7604cb0 Completed FixedOffset test coverage. 2018-10-09 20:32:08 -04:00
Sergey Fedoseev 8ef8bc0f64 Refs #28909 -- Simplifed code using unpacking generalizations. 2018-09-28 09:57:12 -04:00
Jon Dufresne 82f286cf6f Refs #29784 -- Switched to https:// links where available. 2018-09-26 08:48:47 +02:00
Javier Buzzi a0d63b02c3 Fixed #29772 -- Made LazyObject proxy __lt__() and __gt__(). 2018-09-19 13:51:01 -04:00
Claude Paroz 201017df30 Fixed #29654 -- Made text truncation an ellipsis character instead of three dots.
Thanks Sudhanshu Mishra for the initial patch and Tim Graham for the review.
2018-08-21 17:46:45 +02:00
Mariusz Felisiak 9fee229874
Fixed #29643 -- Fixed crash when combining Q objects with __in lookups and lists.
Regression in fc6528b25a.
2018-08-08 08:51:20 +02:00
Josh Schneier f1bf069ec1 Refs #29244 -- Fixed django.utils.inspect.method_has_no_args() for bound methods. 2018-08-07 17:37:35 -04:00
Josh Schneier 756b859576 Renamed django.utils.inspect.func_has_no_args() to method_has_no_args(). 2018-08-07 17:37:35 -04:00
Tim Graham 2092206bee
Refs #29600 -- Updated django.utils.datetime_safe now that Python 2 is unsupported. 2018-08-02 10:20:24 -04:00
Andreas Hug a656a68127 Fixed CVE-2018-14574 -- Fixed open redirect possibility in CommonMiddleware. 2018-08-01 09:28:42 -04:00
Claude Paroz b004bd62e8 Fixed #29412 -- Stopped marking slugify() result as HTML safe. 2018-07-20 10:44:30 -04:00
Claude Paroz 0adfba968e Fixed #29578 -- Made numberformat.format() honor forced l10n usage.
Thanks Sassan Haradji for the report.
2018-07-19 16:44:40 -04:00
Sergey Fedoseev 338f741c5e Fixed #29546 -- Deprecated django.utils.timezone.FixedOffset. 2018-07-09 16:33:36 -04:00
Sergey Fedoseev c9088cfc7b Fixed some assertTrue() that were intended to be assertEqual(). 2018-07-09 11:13:40 -04:00
Sergey Fedoseev bdcde79c5f Made test for memoryview handling in force_bytes() more strict. 2018-07-09 11:01:42 -04:00
Przemysław Suliga d22b90b4ea Fixed #29525 -- Allowed is_safe_url()'s allowed_hosts arg to be a string. 2018-06-29 10:17:52 -04:00
Carlton Gibson f4ef71c689 Refs #29514 -- Added test for get_default_timezone()/timezone.utc equality. 2018-06-28 11:14:26 -04:00
Tim Graham 911af0d24b Added more tests for django.utils.html.urlize(). 2018-03-06 08:30:41 -05:00
Tim Graham 97b7dd59bb Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator.
Thanks James Davis for suggesting the fix.
2018-03-06 08:30:40 -05:00
Tim Graham 8618271caa Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in urlize and urlizetrunc template filters.
Thanks Florian Apolloner for assisting with the patch.
2018-03-06 08:30:40 -05:00
Tim Graham b832de869e
Added tests for utils.html.urlize() (lazy string inputs were untested). 2018-02-10 15:45:57 -05:00
Jonas Haag 8c709d79cb Fixed #17419 -- Added json_tag template filter. 2018-02-07 18:38:12 -05:00
Tim Graham d0a42a14c0 Fixed imports per isort 4.3.1.
Partially reverted 9bcf73d788.
2018-02-02 14:44:07 -05:00
Mariusz Felisiak 9bcf73d788 Fixed imports per isort 4.3.0. 2018-02-01 09:29:46 +01:00
Jon Dufresne ff05de760c Fixed #29038 -- Removed closing slash from HTML void tags. 2018-01-21 02:09:10 -05:00
Jon Dufresne 1e81a4b897 Fixed #28638 -- Made allowed_hosts a required argument of is_safe_url(). 2018-01-11 07:03:50 -05:00
Tim Graham ab7f4c3306 Refs #28965 -- Deprecated unused django.utils.http.cookie_date(). 2018-01-02 11:23:04 -05:00
Sergey Fedoseev ae6fa914aa Fixed #28926 -- Fixed loss of precision of big DurationField values on SQLite and MySQL. 2017-12-28 17:35:41 -05:00
Sergey Fedoseev 93cdd07e8f Used bytes.hex() and bytes.fromhex() to simplify. 2017-11-23 08:52:23 -05:00
Yusuke Miyazaki 278d66b94b Fixed #28501 -- Fixed "python -m django runserver" crash. 2017-11-06 09:58:15 -05:00
Yusuke Miyazaki ac21f2e391 Added RestartWithReloaderTests. 2017-11-06 09:54:31 -05:00
medmunds d1317edad0 Fixed #28739 -- Fixed get_fixed_timezone() for negative timedeltas. 2017-10-24 21:27:53 -04:00
François Freitag 41be85862d Fixed #28679 -- Fixed urlencode()'s handling of bytes.
Regression in fee42fd99e.

Thanks Claude Paroz, Jon Dufresne, and Tim Graham for the guidance.
2017-10-12 09:08:33 -04:00
François Freitag 0e212a705e Split django.utils.http tests into separate test classes. 2017-10-10 08:53:01 -04:00
Mariusz Felisiak fc6528b25a Fixed #28629 -- Made tree.Node instances hashable.
Regression in 508b5debfb which
added Node.__eq__().
2017-09-28 12:07:19 -04:00
Mads Jensen 8ddbe01760 Added a test for pbkdf2()'s default digest algorithm. 2017-09-27 10:36:26 -04:00
Tim Graham ba42456c2e Refs #27648 -- Removed support for (iLmsu) regex groups in url() patterns.
Per deprecation timeline.
2017-09-22 12:51:18 -04:00
Tim Graham 96107e2844 Refs #26956 -- Removed the host parameter of django.utils.http.is_safe_url().
Per deprecation timeline.
2017-09-22 12:51:18 -04:00
Mads Jensen 41a7876991 Added test for too large input to django.utils.http.base36_to_int(). 2017-09-21 10:21:02 -04:00
LBerrocal 54f7aa04a7 Fixed #28306 -- Completed test coverage for django.utils.lorem_ipsum.
Thanks Idan Melamed for the original patch.
2017-09-02 15:50:43 -04:00
Sergey Fedoseev 83440a1258 Refs #28389 -- Added release note and test for pickling of LazyObject when wrapped object doesn't have __reduce__().
Forwardport of 30f334cc58 from stable/1.11.x
2017-07-12 09:30:29 -04:00
Matthew Schinckel 493f7e9e1e Fixed #28076 -- Added support for PostgreSQL's interval format to parse_duration(). 2017-07-03 19:53:19 -04:00
Matthew Schinckel 684c0a35f6 Refs #27804 -- Used subTest() in dateparse tests. 2017-07-03 17:08:58 -04:00
Wil Tan b94d99af5b Refs #28280 -- Added more tests for utils.numberformat.format(). 2017-06-29 13:31:41 -04:00
Georg Sauthoff d0f59054d0 Fixed #28324 -- Made feedgenerators write feeds with deterministically ordered attributes. 2017-06-20 05:38:41 -04:00
Thomas Khyn f6bd00131e Fixed #28241 -- Allowed module_has_submodule()'s module_name arg to be a dotted path. 2017-06-08 14:34:20 -04:00
Jon Dufresne 21046e7773 Fixed #28249 -- Removed unnecessary dict.keys() calls.
iter(dict) is equivalent to iter(dict.keys()).
2017-05-27 19:08:46 -04:00
UmanShahzad 856072dd4a Fixed #28142 -- Fixed is_safe_url() crash on invalid IPv6 URLs. 2017-05-10 09:02:20 -04:00
Tim Graham 309c10c2cb Refs #20094 -- Removed obsolete tests/utils_tests/test_itercompat.py
The is_iterator() function was removed in 2456ffa42c.
2017-04-26 10:54:06 -04:00
petedmarsh 14671affc3 Fixed #28064 -- Removed double-quoting of key names in MultiValueDictKeyError. 2017-04-11 12:44:52 -04:00
Tim Graham 5ea48a70af Fixed #27912, CVE-2017-7233 -- Fixed is_safe_url() with numeric URLs.
This is a security fix.
2017-04-04 10:42:06 -04:00
Claude Paroz 389c3ffc04 Updated tests after French translation update 2017-04-04 13:07:47 +02:00
Tim Graham 6b4f018b2b Replaced type-specific assertions with assertEqual().
Python docs say, "it's usually not necessary to invoke these methods directly."
2017-03-17 07:51:48 -04:00
Claude Paroz 8346680e1c Refs #27795 -- Removed unneeded force_text calls
Thanks Tim Graham for the review.
2017-03-04 18:18:21 +01:00
Tim Graham 6ae1b04fb5 Fixed #27900 -- Made escapejs escape backticks for use in ES6 template literals. 2017-03-04 09:04:16 -05:00
Pavlo Kapyshin b6fbf3e8e5 Fixed #27879 -- Fixed crash if enclosures aren't provided to Atom1Feed.add_item().
Regression in 75cf9b5ac0
2017-02-24 09:46:31 -05:00
Ian Foote 508b5debfb Refs #11964 -- Made Q objects deconstructible. 2017-02-23 20:47:48 -05:00
Tim Graham 007d4e030c Completed test coverage for django.utils.encoding. 2017-02-22 20:54:55 -05:00
Chronial 03281d8fe7 Fixed #26005 -- Fixed some percent decoding cases in uri_to_iri(). 2017-02-09 09:22:00 -05:00
Tim Graham 500532c95d Refs #23919 -- Removed default 'utf-8' argument for str.encode()/decode(). 2017-02-09 09:03:47 -05:00
Claude Paroz c651331b34 Converted usage of ugettext* functions to their gettext* aliases
Thanks Tim Graham for the review.
2017-02-07 09:04:04 +01:00
Tim Graham 26619ad7b0 Removed an untested and broken branch in force_bytes() (refs #6353).
The new test crashed in the removed branch. It's unclear if the branch has
value since c6a2bd9b96 didn't include tests.
2017-02-03 19:36:53 -05:00
Tim Graham 2f1394c76d Added a test for force_text()'s DjangoUnicodeDecodeError path. 2017-02-03 19:15:50 -05:00
Claude Paroz a21ec12409 Fixed #27803 -- Kept safe status of lazy safe strings in conditional_escape 2017-02-02 21:01:39 +01:00
Tim Graham f8d52521ab Refs #27804 -- Used subTest() in tests.utils_tests.test_html. 2017-02-02 08:17:00 -05:00
Tim Graham 2af8cd22a9 Imported specific functions in tests.utils_tests.test_html. 2017-02-02 07:23:10 -05:00
Claude Paroz ccfd1295f9 Refs #27795 -- Prevented SafeText from losing safe status on str()
This will allow to replace force_text() by str() in several places (as one of
the features of force_text is to keep the safe status).
2017-01-30 21:10:32 +01:00
Claude Paroz c182d66f69 Reintroduced lazy import from commit 52138b1fd0 2017-01-30 15:17:39 +01:00
Claude Paroz 52138b1fd0 Refs #23919 -- Removed usage of obsolete SafeBytes class
The class will be removed as part of #27753.
Thanks Tim Graham for the review.
2017-01-30 15:04:45 +01:00
Tim Graham 9e9e73735e Refs #23919 -- Removed an obsolete test for a Python 2 code path (refs #15662).
Fixed #21628 by removing the last usage of the imp module.
2017-01-27 17:39:49 -05:00
Claude Paroz fee42fd99e Refs #23919 -- Replaced usage of django.utils.http utilities with Python equivalents
Thanks Tim Graham for the review.
2017-01-26 19:49:03 +01:00
chillaranand d6eaf7c018 Refs #23919 -- Replaced super(ClassName, self) with super(). 2017-01-25 12:23:46 -05:00
Claude Paroz 2366100872 Removed unneeded force_text calls in the test suite 2017-01-24 18:45:54 +01:00
Tim Graham d170c63351 Refs #23919 -- Removed misc references to Python 2. 2017-01-21 20:02:00 -05:00
Tim Graham 7aba69145d Refs #23919 -- Removed django.test.mock Python 2 compatibility shim. 2017-01-20 08:17:20 -05:00
Claude Paroz 042b7350a0 Refs #23919 -- Removed unneeded str() calls 2017-01-20 14:13:55 +01:00
Tim Graham 4e729feaa6 Refs #23919 -- Removed django.utils._os.upath()/npath()/abspathu() usage.
These functions do nothing on Python 3.
2017-01-20 08:01:02 -05:00